Is the end of Social Security numbers at hand?

The search for more secure alternatives, including biometrics

We’ve all been warned not to use the same password for email, Facebook, and Amazon. But that is exactly what every American does when it comes to our financial lives. We rely on the same nine-digit password for everything from loans to taxes: Social Security numbers.

Having just one number is convenient, of course — especially to fraudsters. Right now attorneys general in Connecticut and Illinois are investigating a data breach at Experian
EXPGY, -0.51%
, one of the three major credit bureaus, that exposed the identification digits of more than 200 million Americans. To combat such crimes, experts say government agencies have begun to consider alternatives, including biometric scans.

When Social Security numbers were first issued nearly 80 years ago, they weren’t intended to be used as identification with tax men, employers and health-care providers. Yet now, 80% of the top 25 banks and 96% of the top credit card issuers allow people to access to an account if they have the correct Social Security number, according to a 2014 study by Javelin Strategy & Research.

The numbers were exposed in nearly 50% of data breaches in 2013, according to the Identity Theft Resource Center. They can be hacked or tracked through keystrokes, and found on tax forms in snail mail or old records in dumpsters. It’s even possible to guess a Social Security number based on information from Facebook profiles, like hometowns and birth dates, Carnegie Mellon University researchers found in 2009.

Prince George's first trip overseas

(1:04)

The Duke and Duchess of Cambridge arrived in New Zealand on Monday for the start of a three-week tour. They were accompanied by their nine-month-old son Prince George on his first overseas trip.

“Any number of people might know your Social Security number,” says Steve Toporoff, identity protection program coordinator at the Federal Trade Commission.

It is hard to measure how many people fall victim to identity fraud due to a stolen Social Security number, experts say, because it is often difficult to trace the crime back to a specific cause. But the effects of Social Security number misuse are clearer.

The U.S. loses billions of dollars every year to thieves who file for someone else’s tax refund after getting their hands on Social Security numbers. In 2011, the Internal Revenue Service issued about $3.6 billion in potentially fraudulent tax refunds, according to a September report by the Treasury Inspector General for Tax Administration. For more than 174,000 Social Security numbers, more than one refund was filed — an indicator that some weren’t legitimate.

Those nine digits come cheap on the black market. Some estimates peg the cost at just $3, according to the Office of the National Counterintelligence Executive.

The U.S. adopted Social Security numbers as an across-the-board federal government identifier after President Franklin Roosevelt issued an executive order in 1943, less than a decade after they first began being issued for the agency’s benefits programs. In 2011, the agency began using a more randomized process for assigning the numbers. 

There are no official plans to abandon Social Security numbers any time soon, but the government is now considering ways to reduce the number of times agencies ask people for their numbers, Toporoff says, as the digits increasingly fall in the hands of thieves.

President Barack Obama announced a program called the National Strategy for Trusted Identities in Cyberspace in 2011 — an initiative to partner with the private sector to create an online user authentication framework. The plan is to create an Internet ID system, which people could use to interact with multiple government agencies instead of shuffling paperwork that includes private data (like a Social Security number) through the mail.

Can you teach your kid to be an entrepreneur?

(2:38)

Classes and camps to teach young children how to be entrepreneurs are popping up from Princeton, N.J., to San Antonio, Texas.

“Consumers will be required to give out their information in fewer instances and they won’t have to remember a zillion passwords,” Toporoff says.

Some countries have turned to biometric identification in hopes of thwarting fraud. Proponents say fingerprint and iris recognition scans make it more difficult for con men.

Intraday Data provided by SIX Financial Information and subject to terms of use.
Historical and current end-of-day data provided by SIX Financial Information. Intraday data
delayed per exchange requirements. S&P/Dow Jones Indices (SM) from Dow Jones & Company, Inc.
All quotes are in local exchange time. Real time last sale data provided by NASDAQ. More
information on NASDAQ traded symbols and their current financial status. Intraday
data delayed 15 minutes for Nasdaq, and 20 minutes for other exchanges. S&P/Dow Jones Indices (SM)
from Dow Jones & Company, Inc. SEHK intraday data is provided by SIX Financial Information and is
at least 60-minutes delayed. All quotes are in local exchange time.